My test results:
All problems are no regressions from 1.4.1.
Summary
=======
- some libtool m4 files not deleted by buildconf (see below)
- crypto configure for OpenSSL at least fails on Solaris,
because when linking against the libssl we need
the additional flags "-ldl -lsocket -lnsl". Currently
there's no way to fix this apart from hacking configure.
For Linux I'm not sure, but likely you'll need "-ldl".
- LDADD_* variables are always set/overwritten in the m4 files
instead of using APR_ADDTO like we do in httpd land. So no way
of adding custom flags before the build. This is needed
when e.g. you want to add a runpath to one of the additionally
build libs because your sqlite, mysql etc. are installed in
non-system locations.
- LDADD flags are typically not respected during configure.
- configure fails for Berkeley DB in non-standard path,
because it doesn't add an rpath to conftest and then tries
to run the file
- no rpath for ldap, mysql and crypto dso extensions. So no
way to run the result without LD_LIBRARY_PATH.
Interesting: the m4 file does add an rpath only for oracle.
Since there's no platform independent way to add rpath,
we might want to remove it everywhere (and users would need
to use the respective LDADD variables - see above).
- no rpath for dependency libs when building without dso support,
e.g. when the ldap, crypto, mysql, oracle, sqlite etc. extensions
are all in the big apr util library.
- testall sometimes fails in testpass on Linux and often fails
in testcrypto when testing nss passphrase (see below).
- Windows Build system:
- all *.dep and *.mak files are missing
- test/testutildll.dsp is the only DSP containing "Release9x" and
"Debug9x" configuration info. IMHO that's obsolete and could
be removed.
Details
=======
- svn compared with gz, bz2 and zip only expected differences
except for the following in the directory xml/expat/conftools
which are not a blocker;
IMHO we could remove those at the and of buildconf
libtool.m4
lt~obsolete.m4
ltoptions.m4
ltsugar.m4
ltversion.m4
- files signed, checksums correct
- built and made check on the following platforms:
- Solaris 8 and 10 Sparc (gcc 4.1.2 resp. 4.7.1)
- SuSE Linux Enterprise 10 32 Bit and 10 and 11 64 Bit
- RedHat Enterprise Linux 5 and 6 64 Bit
- using all combinations of:
- apr 1.4.6 / 1.4.x r1371221
- expat builtin / 2.1.0
- dso disable / enable
- Berkeley DB 5.1.29
- sqlite 3.7.13.0
- mysql 6.0.2 (only Solaris)
- oracle 11.2.0.2.0 (Solaris 10), resp. 10.2.0.5.0 (Solaris 8)
- platform nss (Solaris 10 and RHEL 5 and 6)
- make check for the successful build ran fine except for:
- one failure in testdbm on SLES 11 without DSO,
*not* reproducible
- 34 failures in testpass on the Linux builds
(out of a total of 120 builds)
- testing crypto for nss gives errors on Solaris 10 and on RHEL
where I had built crypto with nss and OpenSSL (no nss build
on the other platforms):
Count Message
72 passphrase: KEY_3DES_192/MODE_CBC nss native error -8128: ()
160 passphrase: KEY_3DES_192/MODE_CBC nss native error -8186: ()
64 passphrase: KEY_AES_128/MODE_CBC nss native error -8128: ()
64 passphrase: KEY_AES_128/MODE_CBC nss native error -8186: ()
48 passphrase: KEY_AES_128/MODE_ECB nss native error -8128: ()
64 passphrase: KEY_AES_192/MODE_CBC nss native error -8128: ()
64 passphrase: KEY_AES_192/MODE_CBC nss native error -8186: ()
48 passphrase: KEY_AES_192/MODE_ECB nss native error -8128: ()
96 passphrase: KEY_AES_256/MODE_CBC nss native error -8128: ()
192 passphrase: KEY_AES_256/MODE_CBC nss native error -8186: ()
64 passphrase: KEY_AES_256/MODE_ECB nss native error -8128: ()
64 passphrase: KEY_AES_256/MODE_ECB nss native error -8186: ()
24 passphrase: KEY_3DES_192/MODE_CBC nss native error -8128: ()
32 passphrase: KEY_3DES_192/MODE_CBC nss native error -8186: ()
Error number -8186 is on Solaris and RHEL 6, -8128 on RHEL 5.
I debugged into one failure and there the problem was, that
algid = PK11_CreatePBEV2AlgorithmID(key->cipherOid, key->cipherOid,
SEC_OID_HMAC_SHA1, 0, iterations, &saltItem);
returns NULL. Don't know how to fix that.
- I have not run the httpd test framework against those builds
Remarks
=======
If you don't need to release before, I would like to fix the LDADD use
over the weekend, but it is not a show stopper.
Another nice to have would be an expat update to 2.1.0.
Regards,
Rainer
